Shodan
Vulnerabilities
Vulnerable Software
Libtiff:  >> Libtiff  Security Vulnerabilities
CVE-2016-3634
The tagCompare function in tif_dirinfo.c in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to field_tag matching.
CVSS Score
7.5
EPSS Score
0.007
Published
2016-10-03
CVE-2016-3633
The setrow function in the thumbnail tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the src variable.
CVSS Score
7.5
EPSS Score
0.005
Published
2016-10-03
CVE-2016-3631
The (1) cpStrips and (2) cpTiles functions in the thumbnail tool in LibTIFF 4.0.6 and earlier allow remote attackers to cause a denial of service (out-of-bounds read) via vectors related to the bytecounts[] array variable.
CVSS Score
7.5
EPSS Score
0.008
Published
2016-10-03
CVE-2016-3625
tif_read.c in the tiff2bw tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TIFF image.
CVSS Score
6.5
EPSS Score
0.006
Published
2016-10-03
CVE-2016-3624
The cvtClump function in the rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (out-of-bounds write) by setting the "-v" option to -1.
CVSS Score
7.5
EPSS Score
0.013
Published
2016-10-03
CVE-2016-3623
The rgb2ycbcr tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero) by setting the (1) v or (2) h parameter to 0.
CVSS Score
7.5
EPSS Score
0.016
Published
2016-10-03
CVE-2016-3622
The fpAcc function in tif_predict.c in the tiff2rgba tool in LibTIFF 4.0.6 and earlier allows remote attackers to cause a denial of service (divide-by-zero error) via a crafted TIFF image.
CVSS Score
6.5
EPSS Score
0.009
Published
2016-10-03
CVE-2016-3621
The LZWEncode function in tif_lzw.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c lzw" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVSS Score
8.8
EPSS Score
0.007
Published
2016-10-03
CVE-2016-3620
The ZIPEncode function in tif_zip.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c zip" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVSS Score
7.5
EPSS Score
0.006
Published
2016-10-03
CVE-2016-3619
The DumpModeEncode function in tif_dumpmode.c in the bmp2tiff tool in LibTIFF 4.0.6 and earlier, when the "-c none" option is used, allows remote attackers to cause a denial of service (buffer over-read) via a crafted BMP image.
CVSS Score
6.5
EPSS Score
0.009
Published
2016-10-03


Products
Pricing
Contact Us

Shodan ® - All rights reserved